General

  • Target: visatool.exe
  • Size: 229KB
  • MD5: 8d12001c93eefec83bc3df9b79fd662e
  • SHA1: f2a218e2fe72e57f0c169e58af5a5bad232b155a
  • SHA256: 17122c0a46007455035997b94a339b664d1b69cae5cf6a7b0544be7c2bed0326
  • SHA512: 8878a410caa7a29a9bdd619f7566a10cd41fd97919bcefaa9641d6b3a91fad685cb375a8a0127d7296478f918372d680fe289f2bb84ef72ca3a3ec3eb7edd2ce
  • SSDEEP: 6144:lloZMmrIkd8g+EtXHkv/iD4FOjFT5KyN54ZL22j3vtB48e1mfi:noZ1L+EP80jFT5KyN54ZL22jlAp

Score
10/10

Malware Config

Extracted

  • Family: umbral
  • C2: https://discord.com/api/webhooks/1277999854974406696/E5jlpnaIaqj10n4mF186OXvssQJ6CXTDRHNJhNMj8V-2ZrtkJ672_8Ob61NpRqQHxlG9

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • visatool.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744